package org.learn.shiro;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.learn.filter.CaptchaValidateFilter;
import org.learn.filter.LogoutFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {


    //1.创建ShiroFilterFactoryBean
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean filterBean = new ShiroFilterFactoryBean();
        //关联SecurityManager
        filterBean.setSecurityManager(securityManager);
        //修改登录请求
        filterBean.setLoginUrl("/login");
        //未授权提示页面
        filterBean.setUnauthorizedUrl("/unAuth");
        // 权限认证失败，则跳转到指定页面
        filterBean.setUnauthorizedUrl("/unAuthUrl");
        Map<String, String> filterMap = new LinkedHashMap<>();

        filterMap.put("/user/login", "anon,captchaValidate");
        filterMap.put("/captcha/captchaImage**", "anon");
        filterMap.put("/plugins/**", "anon");
        // 退出 logout地址，shiro去清除session
        filterMap.put("/logout", "logout");
        //授权过滤器
        filterMap.put("/product/add", "perms[product:add]");
        filterMap.put("/product/update", "perms[product:update]");


        Map<String, Filter> filters = new LinkedHashMap<>();
        // 注销成功，则跳转到指定页面
        filters.put("logout", logoutFilter());
        //验证码过滤器
        filters.put("captchaValidate", captchaValidateFilter());

        //把自定义的过滤器添加到shiro过滤器列表中
        filterBean.setFilters(filters);

        //filterMap.put("/**", "authc");
        filterMap.put("/**", "user");
        filterBean.setFilterChainDefinitionMap(filterMap);//添加Shiro过滤器配置


        return filterBean;
    }

    //2.创建SecurityManager
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(MyRealm myRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(myRealm);
        // 记住我功能
        securityManager.setRememberMeManager(rememberMeManager());
        return securityManager;
    }

    //3.创建Realm
    @Bean
    public MyRealm myRealm() {
        MyRealm realm = new MyRealm();
        return realm;
    }

    /**
     * 退出过滤器
     */
    public LogoutFilter logoutFilter() {
        LogoutFilter logoutFilter = new LogoutFilter();
        logoutFilter.setLoginUrl("/login");
        return logoutFilter;
    }


    /**
     * 记住我
     */
    public CookieRememberMeManager rememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie(rememberMeCookie());
        cookieRememberMeManager.setCipherKey(Base64.decode("fCq+/xW488hMTCD+cmJ3aQ=="));
        return cookieRememberMeManager;
    }


    /**
     * cookie 属性设置
     */
    public SimpleCookie rememberMeCookie() {
        SimpleCookie cookie = new SimpleCookie("rememberMe");
    /*    cookie.setDomain(domain);
        cookie.setPath(path);*/
        cookie.setHttpOnly(true);
        cookie.setMaxAge(60 * 24 * 60 * 60);
        return cookie;
    }


    /**
     * thymeleaf模板引擎和shiro框架的整合(Shiro标签)
     */
    @Bean
    public ShiroDialect shiroDialect() {
        return new ShiroDialect();
    }


    /**
     * 自定义验证码过滤器
     */
    @Bean
    public CaptchaValidateFilter captchaValidateFilter() {
        CaptchaValidateFilter captchaValidateFilter = new CaptchaValidateFilter();
        captchaValidateFilter.setCaptchaEnabled(true);  //开启验证码
        captchaValidateFilter.setCaptchaType("char");   //字符串类型
        return captchaValidateFilter;
    }

}
